Storage-medium rental system

ABSTRACT

A storage-medium rental system includes a portable storage medium to be rented to the user, a portable semiconductor memory owned by the user, a rental-shop apparatus owned by the rental agent, and a reproduction apparatus owned by the user. The storage medium prestores encrypted content generated by encrypting digital work using a content encryption key. The semiconductor memory has an area for securely storing a content decryption key. The rental-shop apparatus stores a content decryption key for decrypting the encrypted content. The rental-shop apparatus writes the content decryption key to the semiconductor memory. The reproduction apparatus securely reads the content decryption key from the semiconductor memory, reads the encrypted content from the storage medium, decrypts the encrypted content using the content decryption key, and reproduces the decrypted content.

BACKGROUND OF THE INVENTION

[0001] (1) Field of the Invention

[0002] The present invention relates to a technique for renting astorage medium storing digital content.

[0003] (2) Description of the Related Art

[0004] Storage mediums such as DVDs for digitally storing work includingmovies and music have been increasingly widespread. High-volumeinformation can be digitally stored in such storage mediums as DVDS, andcan be used semi-permanently.

[0005] By taking advantage of such storage mediums, a rental-servicebusiness for renting storage mediums storing movies, music, etc., hasbeen developed to create a huge market.

[0006] Japanese Laid-open Patent Application No. H11-164238 disclosesthe following technique, aiming at billing users economically inaccordance with reproduction conditions of work. At a rental shop, auser selects, from a group of discs, a disc storing information that theuser wants. At the rental shop, information about the selected disc,such as a serial number, a catalogue number, a specified reproductiontime, and a reproduction number (=0), is written to an IC card owned bythe user. The user plays the disc using a player to reproduce theinformation stored therein. Here, a reproduction time is measured andaccumulated. When the accumulated reproduction time exceeds thespecified reproduction time, the reproduction number, which is thenumber of times the disc is played, is counted as one. The user may playthe disc a plural number of times, and the counted reproduction numberis written to the IC card. When the user returns the disc and the ICcard, data in the IC card is read and an amount of payment is calculatedin accordance with the reproduction number at the rental shop.

[0007] Also, Japanese Laid-open Patent Application No. H11-167768discloses the following technique, aiming at managing a rental timelimit, so that a rented disc can be played only within a rental-useperiod for the disc. At a rental shop, a user selects, from a number ofdiscs, a disc storing software information that the user wants. Eachdisc also stores its unique management information. Information aboutthe selected disc, i.e., unique management information and rental-usetime limit information of the selected disc, is written to an IC card byan IC card writing apparatus. Then, the user is given this IC cardtogether with the selected disc. The user brings home the disc and theIC card, and sets them on a special player. The player can play the disconly within the rental-use period that is written in the IC card.

[0008] Moreover, Japanese Laid-open Patent Application No. 2002-50126discloses the following technique, aiming at providing, at low costs, areproduction apparatus that prevents reproduction of data in a storagemedium whose rental time limit is expired, a storage medium, and arental system. A data reproduction apparatus is equipped with a datareproduction control unit. The data reproduction control unit startsclocking time with an initial value being the start date and time of areproduction-allowed period shown by management information. Thereproduction-allowed period is a time period during which data isallowed to be reproduced. The data reproduction control unit allows thedata to be reproduced until the kept date and time reaches the end dateand time of the reproduction-allowed period. The rental system of thisinvention includes a data writing apparatus that writes, to a storagemedium, data and its management information showing areproduction-allowed period during which the data is allowed to bereproduced, the storage medium storing the data and the managementinformation, and the above-described data reproduction apparatus.

[0009] Further, Japanese Laid-open Patent Application No. 2002-149061discloses the following technique, aiming at providing a distributionsystem and a distribution method that improve user convenience,eliminate profit loss of a shop, and realize secure content protectionin the field of digital content distribution. Mutual authentication isperformed between a reproduction apparatus and an IC card and alsobetween the IC card and a management center. The IC card transmits, tothe management center, a certificate of a reproduction apparatus publickey that has been received from the reproduction apparatus. A userinputs, using a terminal, contract information including a content titleand a rental period. The management center receives the contractinformation to which a signature of the IC card is added, encrypts acontent encryption key and the like using the reproduction apparatuspublic key and the like, adds a signature to the encrypted data, andtransmits the data with the signature to the terminal. The terminalwrites the transmitted data to the IC card. When the signature matchingsucceeds, the terminal stores the content into the storage medium. Thereproduction apparatus decrypts the encrypted content encryption keyreceived from the IC card, and decrypts the content using the contentencryption key.

[0010] There are increasing demands from rental agents that rent storagemediums storing movies, music, etc. for effectively limiting users' useof work stored in such storage mediums.

SUMMARY OF THE INVENTION

[0011] To satisfy the above-mentioned demands, the present inventionaims at providing a rental system, a reproduction apparatus, arental-shop apparatus, a rental method, a storage medium, and a rentalprogram that can limit a user's use of a storage medium storing digitalwork when the storage medium is rented to the user.

[0012] In a storage-medium rental system, a rental agent rents a user astorage medium storing digital work, to provide the digital work to theuser. The system includes a portable storage medium to be rented to theuser, a portable semiconductor memory owned by the user, a rental-shopapparatus owned by the rental agent, and a reproduction apparatus ownedby the user. The storage medium prestores encrypted content generated byencrypting digital work using a content encryption key. Thesemiconductor memory has an area for securely storing a contentdecryption key. The rental-shop apparatus stores a content decryptionkey for decrypting the encrypted content. When the user rents thestorage medium at a rental shop, the semiconductor memory is mounted onthe rental-shop apparatus. When the rental agent receives a user'spayment for the rental, the rental-shop apparatus writes the contentdecryption key to the semiconductor memory. To reproduce the digitalwork, the user mounts the semiconductor memory and the storage medium onthe reproduction apparatus. The reproduction apparatus securely readsthe content decryption key from the semiconductor memory, reads theencrypted content from the storage medium, decrypts the encryptedcontent using the content decryption key, and reproduces the decryptedcontent.

[0013] The above aim of the present invention can be achieved by astorage-medium rental system for temporarily providing, from a rentalagent to a user, a right to use digital work stored in a portablestorage medium, where a portable semiconductor memory is connected to arental-shop apparatus when the rental agent rents the user the storagemedium, and the storage medium and the semiconductor memory areconnected to a reproduction apparatus when the user reproduces thedigital work, the storage-medium rental system including: the storagemedium that prestores content information representing the digital work;the semiconductor memory that has an area for securely storinginformation; the rental-shop apparatus that securely writes rightinformation into the area of the semiconductor memory when the rentalagent rents the user the storage medium, the right information showing arange of the right to use the digital work stored in the storage medium;the reproduction apparatus that, upon receipt of an instruction from theuser to reproduce the digital work, (a) securely reads the rightinformation from the area of the semiconductor memory, (b) judgeswhether the digital work is allowed to be used or not, based on the readright information, and (c) only when judging that the digital work isallowed to be used, reads the content information from the storagemedium and reproduces the digital work based on the read contentinformation.

[0014] According to this construction, the rental-shop apparatussecurely writes the right information to the semiconductor memory, andthe reproduction apparatus securely reads the right information from thesemiconductor memory and judges whether the digital work stored in thestorage medium is allowed to be used or not based on the read rightinformation. Therefore, only the user who owns the semiconductor memorycan reproduce the digital work.

[0015] Here, the user may make a payment for rental to the rental agentwhen the rental agent rents the user the storage medium, and therental-shop apparatus may securely write the right information into thearea of the semiconductor memory when the rental agent receives thepayment for rental from the user.

[0016] According to this construction, the rental-shop apparatussecurely writes the right information to the semiconductor memory whenthe rental agent receives the payment for rental from the user.Therefore, the semiconductor memory can be used to guarantee that theuser has properly made the payment for rental to the rental agent.

[0017] Here, the content information stored in the storage medium mayhave been generated by encrypting the digital work using an encryptionkey, the rental-shop apparatus may write the right information includinga decryption key to be used to decrypt the content information, into thearea of the semiconductor memory, and the reproduction apparatus maydecrypt the read content information using the decryption key includedin the read right information, to generate the digital work, only whenjudging that the digital work is allowed to be used.

[0018] According to this construction, the reproduction apparatusdecrypts the read content information using the decryption key includedin the read right information. Therefore, only the user who owns thesemiconductor memory can decrypt the content information.

[0019] Here, the rental-shop apparatus may securely write the rightinformation including reproduction-limiting information into the area ofthe semiconductor memory, the reproduction-limiting information showinga limitation to be imposed on reproduction of the digital work stored inthe storage medium, and the reproduction apparatus may judge whether thedigital work is allowed to be used or not, based on thereproduction-limiting information included in the read rightinformation.

[0020] According to this construction, the reproduction apparatus judgeswhether the digital work is allowed to be used or not, based on thereproduction-limiting information included in the right information readfrom the semiconductor memory. This construction can properly limit theuse of the digital work by the user who owns the semiconductor memory.

[0021] Here, the reproduction-limiting information may show a rental-usetime limit until when the rental agent allows the user to use thedigital work stored in the storage medium, the rental-shop apparatus maywrite the right information including the rental-use time limit, and thereproduction apparatus may compare the rental-use time limit included inthe right information with a present date and time, and judges that thedigital work is allowed to be used when the rental-use time limit is onor after the present date and time.

[0022] According to this construction, a rental-use time limit can beset for the user who owns the semiconductor memory.

[0023] Here, the reproduction-limiting information may show a rental-useperiod during which the rental agent allows the user to use the digitalwork stored in the storage medium, the rental-use period starting from atime at which the user firstly reproduces the digital work stored in thestorage medium, the rental-shop apparatus may write the rightinformation including the rental-use period, and the reproductionapparatus may compare an elapsed date and time at which the rental-useperiod elapses from the time at which the user firstly reproduces thedigital work, with a present date and time, and judges that the digitalwork is allowed to be used when the elapsed date and time is on or afterthe present date and time.

[0024] According to this construction, a rental-use period can be setfor the user who owns the semiconductor memory.

[0025] Here, the reproduction-limiting information may show a number oftimes the user is allowed to reproduce the digital work stored in thestorage medium, the rental-shop apparatus may write the rightinformation including the number of times the user is allowed toreproduce the digital work, and the reproduction apparatus may count anumber of times the digital work has been reproduced every time thedigital work is reproduced, and judge that the digital work is allowedto be used only when the counted number of times does not exceed thenumber of times the user is allowed to reproduce the digital workincluded in the right information.

[0026] According to this construction, the number of times reproductionis allowed can be set for the user who owns the semiconductor memory.

[0027] Here, the storage medium may store first identificationinformation in correspondence with the content information, the firstidentification information identifying the digital work, the rental-shopapparatus may write the right information including secondidentification information into the area of the semiconductor memory,the second identification information identifying the digital work, and

[0028] the reproduction apparatus may compare the first identificationinformation stored in the storage medium and the second identificationinformation included in the read right information, and only when thefirst identification information and the second identificationinformation match, judge that the digital work identified by the contentinformation stored in correspondence with the first identificationinformation is allowed to be used.

[0029] According to this construction, the reproduction apparatuscompares the first identification information stored in the storagemedium and the second identification information included in the readright information, and judges that the digital work represented by thecontent information stored in correspondence with the firstidentification information is allowed to be used only when the firstidentification information and the second identification informationmatch. This can ensure that the use of digital work by the user who ownsthe semiconductor memory is limited only to digital work that is allowedto be reproduced.

[0030] Here, the content information stored in the storage medium mayhave been generated by encrypting the digital work using a content key,the rental-shop apparatus may securely write the right informationincluding an encrypted content key that has been generated by encryptingthe content key using a device key, into the area of the semiconductormemory, the semiconductor memory may further prestore the device key inthe area, the device key being unique to the semiconductor memory, thesemiconductor memory may further include a decryption unit fordecrypting the encrypted content key stored in the area using the devicekey stored in the area, to generate the content key, and outputting thegenerated content key, and the reproduction apparatus, upon receipt ofthe reproduction instruction from the user, may receive the content keyfrom the semiconductor memory, and decrypt the read content informationusing the received content key, to generate the digital work.

[0031] According to this construction, the semiconductor memoryprestores the device key in the area, and includes the decryption unitthat decrypts the encrypted content key stored in the area using thedevice key to generate the content key, and outputs the generatedcontent key. Therefore, the possibility of the decryption unit beingdecoded can be reduced.

[0032] Here, the content information stored in the storage medium mayhave been generated by encrypting the digital work using a content key,the storage medium may store a disc key that is unique to the storagemedium, the rental shop apparatus may securely write the rightinformation including an encrypted content key that has been generatedby encrypting the content key using the disc key, into the area of thesemiconductor memory, the semiconductor memory may further include adecryption unit for obtaining the disc key from the storage medium viathe reproduction apparatus, decrypting the encrypted content key storedin the area using the obtained disc key to generate the content key, andoutputting the generated content key, and the reproduction apparatus,upon receipt of the reproduction instruction from the user, may receivethe content key from the semiconductor memory, decrypt the read contentinformation using the received content key, to generate the digitalwork.

[0033] According to this construction, the semiconductor memory obtainsthe disc key from the storage medium via the reproduction apparatus,decrypts the encrypted content key stored in the area to generate thecontent key, and outputs the generated content key. Therefore, even ifthe storage medium is copied by an unauthorized user, decryption of theencrypted content can be prevented.

[0034] Here, the semiconductor memory may perform mutual deviceauthentication with the rental-shop apparatus, and only when the mutualdevice authentication succeeds, allow the rental-shop apparatus to writethe right information. Also, the semiconductor memory may perform mutualdevice authentication with the reproduction apparatus, and only when themutual device authentication succeeds, allow the reproduction apparatusto read the right information.

[0035] According to these constructions, the semiconductor memory andthe reproduction apparatus perform mutual device authentication betweenthem. Therefore, only an authenticated device is allowed to use theright information.

[0036] Here, the area of the semiconductor memory may include aplurality of application areas being provided in one-to-onecorrespondence with a plurality of application functions, eachapplication area being provided for securely storing information for thecorresponding application function, and

[0037] one of the plurality of application functions may be a rentalfunction of renting the storage medium for use in the storage-mediumrental system, and the application area corresponding to the rentalfunction is used to store the right information.

[0038] According to this construction, the area of the semiconductormemory includes a plurality of application areas in one-to-onecorrespondence with the a plurality of application functions forsecurely storing information. Therefore, the semiconductor memory can beused for various purposes.

[0039] Here, another one of the plurality of application functions maybe a membership card function of identifying a member of a rental shop,and the application area corresponding to the membership card functionmay be used to store a member number that identifies the user.

[0040] According to this construction, one of the application areas inthe semiconductor memory is used to store a member number thatidentifies the user. Therefore, the semiconductor memory can function asa membership card for identifying a member of the rental shop.

[0041] Here, another one of the plurality of application functions maybe a bonus provision function of providing, from the rental agent to theuser, point information as a bonus in accordance with use of the storagemedium, and the application area corresponding to the bonus provisionfunction may be used to store point information showing a predeterminednumber of points that can be used to make a payment for reproduction ofthe digital work, when the rental agent receives the payment from theuser, the rental-shop apparatus may send to the semiconductor memory, arequest to deduct a number of points designated by the user, from thepredetermined number of points shown by the point information, as a partor all of the payment, and the semiconductor memory may further includea payment unit that deducts the designated number of points from thepredetermined number of points shown by the point information, asrequested by the rental-shop apparatus.

[0042] According to this construction, the semiconductor memory canfunction as a bonus provision card for providing, from the rental agentto the user, point information as a bonus in accordance with use of thestorage medium.

[0043] Here, the rental-shop apparatus may generate, when the rentalagent receives the payment from the user, point information showing anumber of points in accordance with the payment to be received, andadditionally write the generated point information into the applicationarea of the semiconductor memory.

[0044] According to this construction, the rental-shop apparatusgenerates, when the rental agent receives the payment from the user,point information showing the number of points in accordance with thepayment to be received, and writes the generated point information tothe semiconductor memory. Therefore, the user can use point informationstored in the semiconductor memory.

[0045] Here, another one of the plurality of application functions maybe a payment function that is used to make the payment for rental fromthe user to the rental agent, and the application area corresponding tothe payment function may prestore electric money information showing apredetermined amount of electric money that can be used instead ofactual money, when the rental agent receives the payment from the user,the rental-shop apparatus may send to the semiconductor memory, arequest to deduct an amount of electric money corresponding to thepayment from the predetermined amount of electric money shown by theelectric money information, receive electric money information showingthe amount of electric money corresponding to the payment from thesemiconductor memory, and store the received electric money information,and the semiconductor memory may further include a payment unit thattransmits the electric money information showing the amount of electricmoney corresponding to the payment to the rental-shop apparatus asrequested by the rental-shop apparatus, and deducts the amount ofelectric money corresponding to the payment from the predeterminedamount of electric money shown by the electric money information storedin the application area.

[0046] According to this construction, when the rental agent receivesthe payment from the user, the rental-shop apparatus sends to thesemiconductor memory, a request to deduct an amount of electric moneycorresponding to the payment, from the amount of electric money shown bythe electric money information, and receives electric money informationshowing the amount of electric money corresponding to the payment fromthe semiconductor memory. Therefore, the user and the rental agent donot need to handle actual money.

[0047] Here, another one of the plurality of application functions maybe a payment function that is used to make a payment for rental from theuser to the rental agent, and the application area corresponding to thepayment function may prestore electric ticket information that showselectric tickets that can be used to make a payment for reproduction ofthe digital work, when reproducing the digital work, the reproductionapparatus may send to the semiconductor memory, a request to deductelectric tickets corresponding to the payment determined in accordancewith the reproduction of the digital work, from the electric ticketsshown by the electric ticket information, and the semiconductor memorymay further include a payment unit that deducts the electric ticketscorresponding to the payment from the electric tickets shown by theelectric ticket information stored in the application area, as requestedby the reproduction apparatus.

[0048] According to this construction, when reproducing the digitalwork, the reproduction apparatus sends to the semiconductor memory, arequest to deduct electric tickets corresponding to the paymentdetermined in accordance with reproduction of the digital work, from theelectric tickets shown by the electric ticket information. Therefore,the user does not need to handle actual money at the time ofreproduction, and the payment can be made in accordance with thereproduction.

[0049] Here, the reproduction apparatus may obtain, before reproducingthe digital work, electric ticket information showing remaining electrictickets from the semiconductor memory, and judge that the digital workis not allowed to be used and prohibit the digital work from beingreproduced, when the remaining electric tickets are less than theelectric tickets corresponding to the payment determined in accordancewith the reproduction of the digital work.

[0050] According to this construction, before reproducing the digitalwork, the reproduction apparatus can judge whether the digital work isallowed to be reproduced or not, based on the remaining electric ticketsshown by the electric ticket information stored in the semiconductormemory. Therefore, such a case can be avoided where the digital work isallowed to be reproduced though the remaining electric tickets are lessthan the required electric tickets.

[0051] Here, the reproduction apparatus may send to the semiconductormemory, a request to deduct electric tickets corresponding to a paymentfor reproduction of one-time from the electric tickets shown by theelectric ticket information, every time the digital work is reproduced.

[0052] According to this construction, the reproduction apparatus sendsto the semiconductor memory, a request to deduct electric ticketscorresponding to a payment for reproduction of one-time from theelectric tickets shown by the electric ticket information every time thedigital work is reproduced. Therefore, the user can make a payment inaccordance with the number of times the digital work is reproduced.

[0053] Here, when reproducing the digital work one or more times duringa predetermined period of time, the reproduction apparatus may send tothe semiconductor memory, a request to deduct electric ticketscorresponding to a payment for the reproduction of the digital workduring the predetermined period of time, from the electric tickets shownby the electric ticket information.

[0054] According to this construction, when reproducing the digital workone or more times during a predetermined period of time, thereproduction apparatus sends to the semiconductor memory, a request todeduct electric tickets corresponding to a payment for the reproductionof the digital work during the predetermined period of time, from theelectric tickets shown by the electric ticket information. Therefore,the user can make a payment in accordance with the number of times thedigital work is reproduced.

BRIEF DESCRIPTION OF THE DRAWINGS

[0055] These and other objects, advantages and features of the inventionwill become apparent from the following description thereof taken inconjunction with the accompanying drawings that illustrate a specificembodiment of the invention.

[0056] In the drawings:

[0057]FIG. 1 shows the construction of a rental system 1;

[0058]FIG. 2 is a block diagram showing the construction of a shopapparatus 10;

[0059]FIG. 3 shows one example of a data structure of a rental-shopmembership table 151;

[0060]FIG. 4 shows one example of a data structure of a rental-usemanagement table 152;

[0061]FIG. 5 is a block diagram showing the construction of an IC card20;

[0062]FIG. 6 is a block diagram showing the construction of a DVD player40;

[0063]FIG. 7 is a flowchart showing an operation performed when a membernumber is newly issued;

[0064]FIG. 8 is a flowchart showing an operation performed when a DVD isrented to a user who is a member of a rental shop;

[0065]FIG. 9 is a flowchart showing an operation performed when digitalwork stored in a DVD 30 is reproduced by the DVD player, continuing toFIG. 10;

[0066]FIG. 10 is a flowchart showing the operation performed when thedigital work stored in the DVD 30 is reproduced by the DVD player,continuing from FIG. 9;

[0067]FIG. 11 is a block diagram showing the construction of a serverapparatus 50;

[0068]FIG. 12 shows one example of data stored in an information storageunit 201 included in the IC card 20, and one example of data stored inthe DVD 30;

[0069]FIG. 13 is a flowchart showing an operation performed when a DVDis rented to a user who is a member of a rental shop, continuing to FIG.14;

[0070]FIG. 14 is a flowchart showing the operation performed when theDVD is rented to the user who is the member of the rental shop,continuing from FIG. 13;

[0071]FIG. 15 is a flowchart showing an operation performed when digitalwork stored in the DVD 30 is reproduced by a DVD player, continuing toFIG. 16; and

[0072]FIG. 16 is a flowchart showing the operation performed when thedigital work stored in the DVD 30 is reproduced by the DVD player,continuing from FIG. 15.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

[0073] 1. First Embodiment

[0074] The following describes a rental system 1 as a first embodimentof the present invention.

[0075] 1.1 Construction of the Rental System 1

[0076] As shown in FIG. 1, the rental system 1 is roughly composed of ashop apparatus 10, an IC card 20, a DVD 30, and a DVD player 40.

[0077] The shop apparatus 10 is located at a shop run by a rental agent,and its operations are managed by the rental agent. When the rentalagent rents a user the DVD (Digital Versatile Disc) 30 storing digitalwork such as a movie and music, the IC card 20 owned by the user ismounted on the shop apparatus 10. The shop apparatus 10 writesrental-use management information that is described later, to the ICcard 20 owned by the user.

[0078] The DVD player 40 is located at the user's home. To reproduce thedigital work stored in the rented DVD 30, the user mounts the DVD 30 andthe IC card 20 on the DVD player 40. The DVD player 40 judges whetherthe digital work stored in the DVD 30 is allowed to be reproduced ornot, based on the rental-use management information stored in the ICcard 20. When judging that the digital work is allowed to be reproduced,the DVD player 40 reproduces the digital work.

[0079] The following describes each component of the rental system 1.

[0080] 1.1.1 Construction of the DVD 30

[0081] The DVD 30 is an optical magnetic disc that can store high-volumeinformation. As shown in FIG. 1, the DVD 30 is wrapped in a DVD package31. A bar code is printed on the surface of the DVD package 31. Thebarcode indicates a title ID that is described later.

[0082] As one example shown in FIG. 6, the DVD 30 prestores encryptedcontent, an encrypted title key, and rental disc identificationinformation.

[0083] The encrypted content is generated by encrypting content that isdigital work, i.e., a movie, using a title key. The title key used toencrypt the content is unique to the content. Here, DES (Data EncryptionStandard) is used as an encryption algorithm.

[0084] The encrypted title key is generated by encrypting the title keyusing a device key that is described later. Here, too, DES is used as anencryption algorithm.

[0085] The rental disc identification information shows that the DVD 30is a disc available for rental. Also, the rental disc identificationinformation includes a title ID. Here, the title ID is identificationinformation for identifying the original content of the encryptedcontent stored in the DVD 30.

[0086] 1.1.2 Construction of the Shop Apparatus 10

[0087] As shown in FIG. 2, the shop apparatus 10 is roughly composed ofan information storage unit 101, an input unit 102, a display unit 103,a control unit 104, an IC card reading unit 105, a barcode processingunit 106, and an authentication unit 107. Also, a barcode reader 11 isconnected to the shop apparatus 10.

[0088] Specifically, the shop apparatus 10 is a computer system that isroughly composed of a microprocessor, a ROM, a RAM, a hard disk unit, adisplay unit, and a keyboard. The hard disk unit stores computerprograms. The functions of the shop apparatus 10 are realized by themicroprocessor operating in accordance with the computer programs.

[0089] (1) Information Storage Unit 101

[0090] As shown in FIG. 2, the information storage unit 101 includes arental-shop membership table 151 and a rental-use management table 152.

[0091] (Rental-Shop Membership Table 151)

[0092] The rental-shop membership table 151 is for storing informationabout users who are registered as members of the rental shop run by therental agent. As one example shown in FIG. 3, the rental-shop membershiptable 151 has an area for storing a plurality of sets of membershipinformation.

[0093] Each set of membership information corresponds to one member.

[0094] A set of membership information is made up of a member number, amember name, an address, a birth date, and a telephone number. Here, themember number is an identification number for identifying thecorresponding member. The member name is a full name of the member. Theaddress is a location of residence of the member. The birth date is adate, month, and year when the member was born. The telephone number isa number of a telephone owned by the member.

[0095] (Rental-Use Management Table 152)

[0096] The rental-use management table 152 is for storing informationabout DVDs that are rented from the rental shop to the user. As oneexample shown in FIG. 4, the rental-use management table 152 includes aplurality of sets of use management information.

[0097] Each set of use management information corresponds to one rentedDVD.

[0098] A set of use management information is made up of a title ID, amember number, a rental start date, a rental end date, and a rentalprice. Here, the title ID is identification information for identifyingcontent stored in the corresponding DVD. The member number identifies amember to which the DVD is rented. The rental start date is a date whenrental of the DVD is started. The rental end date is a date when therental of the DVD is ended. The rental price shows an amount of paymentfor the DVD rental.

[0099] (2) Authentication Unit 107

[0100] The authentication unit 107 performs mutual device authenticationwith the IC card 20 via the IC card reading unit 105 when the IC card 20is mounted on the shop apparatus 10. Here, the device authentication isof a challenge-response type. The device authentication is not describedin detail here as it is well known.

[0101] The authentication unit 107 sends a success message indicating asuccess of the mutual device authentication to the control unit 104 whenthe mutual device authentication between the authentication unit 107 andthe IC card 20 succeeds, and sends a failure message indicating afailure of the mutual device authentication to the control unit 104 whenthe mutual device authentication fails.

[0102] When the mutual device authentication fails, the shop apparatus10 thereafter does not transmit and receive information to and from theIC card 20.

[0103] (3) IC Card Reading Unit 105

[0104] The IC card reading unit 105 bidirectionally transmits andreceives information between the control unit 104 and the IC card 20under control by the control unit 104, and between the authenticationunit 107 and the IC card 20 under control by the authentication unit107.

[0105] (4) Barcode Reader 11

[0106] The barcode reader 11 optically reads a barcode printed on thesurface of the DVD package 31, generates read-information correspondingto the barcode, and outputs the generated read-information to thebarcode processing unit 106.

[0107] (5) Barcode Processing Unit 106

[0108] The barcode processing unit 106 receives the read-informationfrom the barcode reader 11, generates a title ID using the receivedread-information, and outputs the generated title ID to the control unit104.

[0109] (6) Control Unit 104

[0110] (Member Number Issuing Process)

[0111] The following describes a process of issuing a member number. Inthe member number issuing process, when authentication performed by theauthentication unit 107 in the shop apparatus 10 succeeds andauthentication performed by an authentication unit 204 in the IC card 20succeeds, the control unit 104 receives a member name, an address, abirth date, and a telephone number from the input unit 102. Also, thecontrol unit 104 newly generates a member number. Following this, thecontrol unit 104 additionally writes a set of membership informationthat is made up of the generated member number, the received membername, address, birth date, and telephone number, to the rental-shopmembership table 151 held by the information storage unit 101.

[0112] Also, the control unit 104 outputs the generated member number tothe IC card 20 via the IC card reading unit 105.

[0113] (DVD Rental Process)

[0114] The following describes a process of renting a DVD. In the DVDrental process, the control unit 104 receives a title ID from thebarcode processing unit 106.

[0115] When authentication performed by the authentication unit 107 inthe shop apparatus 10 succeeds and authentication performed by theauthentication unit 204 in the IC card 20 succeeds, the control unit 104outputs a request to read a member number to the IC card 20 via the ICcard reading unit 105. The control unit 104 receives the member numberfrom the IC card 20 via the IC card reading unit 105.

[0116] Following this, the control unit 104 sets a rental start date, arental end date, and a rental price. Here, the rental start date is adate of today, and the rental end date is a date seven days after therental start date. Also, the rental price is a predetermined value. Itshould be noted here that the rental end date may be set variably asrequested by the user. It should also be noted here that the rentalprice may be set in accordance with a rental period, or may be set inaccordance with a type of digital work to be rented.

[0117] Following this, the control unit 104 generates a set of usemanagement information that is made up of the generated title ID read bythe barcode reader 11, the received member number, and the set rentalstart date, rental end date, and rental price, and additionally writesthe generated set of use management information to the rental-usemanagement table 152 held by the information storage unit 101.

[0118] Also, the control unit 104 outputs the title ID and the rentalend date to the IC card 20 via the IC card reading unit 105.

[0119] (7) Input Unit 102 and Display Unit 103

[0120] The input unit 102 receives an input from an operator of the shopapparatus 10, and outputs the received input to the control unit 104.Also, the display unit 103 receives information to be displayed from thecontrol unit 104, and displays the received information.

[0121] 1.1.3 Construction of the IC Card 20

[0122] The IC card 20 is provided to the user as being bundled with theDVD player 40.

[0123] As shown in FIG. 5, the IC card 20 is roughly composed of aninformation storage unit 201, a decryption unit 202, a control unit 203,the authentication unit 204 and an IF unit 205.

[0124] It should be noted here that each block is connected to anotherblock by a connection line in FIG. 5. Here, each connection lineindicates a path on which signals and information are transmitted. Also,a connection line with a drawing of a key, out of a plurality ofconnection lines connecting a block of the decryption unit 202 to otherblocks, indicates a path on which information as a key is transmitted tothe decryption unit 202. The same applies to other drawings.

[0125] Specifically, the IC card 20 is a computer system that is roughlycomposed of a microprocessor, a ROM, and a RAM. The RAM stores computerprograms. The functions of the IC card 20 are realized by themicroprocessor operating in accordance with the computer programs.

[0126] The following describes each component of the IC card 20.

[0127] (1) Information Storage Unit 201

[0128] The information storage unit 201 prestores a device key. Thedevice key is unique to the IC card 20 and has been written by amanufacturer at the time of manufacturing the IC card 20.

[0129] A DVD disc including a title key encrypted using this device keyis available for rental to the user at the rental shop.

[0130] It should be noted here that a producer of a DVD disc, morespecifically a copyright-protected licenser, manages values of all thedevice keys. The copyright-protected licenser distributes these devicekeys to the manufacturer of IC cards to be mounted on DVD players. Adevice key distributed from the copyright-protected licenser to themanufacturer in this way is written to an IC card by the manufacturer ofthe IC card.

[0131] As described above, such an IC card that includes a device keynecessary for encrypting content is originally utilized in a copyrightprotection system, and is diverted to the rental system.

[0132] Also, the information storage unit 201 has an area for storing amember number and rental—use management information. Here, the membernumber is an identification number for identifying a user registered asa member. The rental-use management information is information about useof a rented DVD, more specifically, information about a title ID and arental end date of the rented DVD.

[0133] (2) IF Unit 205

[0134] The IF unit 205 bidirectionally transmits and receivesinformation between the control unit 203 and an external device on whichthe IC card 20 is mounted under control by the control unit 203, andbetween the authentication unit 204 and an external device on which theIC card 20 is mounted under control by the authentication unit 204.Here, an external device is the shop apparatus 10 or the DVD player 40.

[0135] (3) Authentication Unit 204

[0136] The authentication unit 204 performs mutual device authenticationwith the shop apparatus 10 via the IF unit 205 when the IC card 20 ismounted on the shop apparatus 10. Here, the device authentication is ofa challenge-response type. The device authentication is not described indetail here as it is well known.

[0137] The authentication unit 204 sends a success message indicating asuccess of the mutual device authentication to the control unit 203 whenthe mutual device authentication between the authentication unit 204 andthe shop apparatus 10 succeeds, and sends a failure message indicating afailure of the mutual device authentication to the control unit 203 whenthe mutual device authentication fails.

[0138] When the mutual device authentication fails, the IC card 20thereafter does not transmit and receive information to and from theshop apparatus 10.

[0139] Also, the authentication unit 204 performs mutual deviceauthentication with the DVD player 40 via the IF unit 205 when the ICcard 20 is mounted on the DVD player 40. Here, the device authenticationis of a challenge-response type. The device authentication is notdescribed in detail here as it is well known.

[0140] The authentication unit 204 sends a success message indicating asuccess of the mutual device authentication to the control unit 203 whenthe mutual device authentication between the authentication unit 204 andthe DVD player 40 succeeds, and sends a failure message indicating afailure of the mutual device authentication to the control unit 203 whenthe mutual device authentication fails.

[0141] When the mutual device authentication fails, the IC card 20thereafter does not transmit and receive information to and from the DVDplayer 40.

[0142] (4) Decryption Unit 202

[0143] The decryption unit 202 receives an encrypted title key from thecontrol unit 203, reads a device key from the information storage unit201, decrypts the received encrypted title key using the read device keyto generate a title key, and outputs the generated title key to thecontrol unit 203. Here, DES is used as a decryption algorithm.

[0144] (5) Control Unit 203

[0145] (Member Number Issuing Process)

[0146] To newly issue a member number, the control unit 203 receives amember number from the shop apparatus 10 via the IF unit 205, and writesthe received member number to the information storage unit 201.

[0147] (DVD Rental Process)

[0148] To rent a DVD to a user who is a member of the rental shop, thecontrol unit 203 receives a request to read a member number via the IFunit 205 when authentication performed by the authentication unit 107 inthe shop apparatus 10 succeeds and authentication performed by theauthentication unit 204 in the IC card 20 succeeds. Upon receipt of therequest, the control unit 203 reads the member number from theinformation storage unit 201, and outputs the read member number to theshop apparatus 10 via the IF unit 205.

[0149] Also, the control unit 203 receives a title ID and a rental enddate from the shop apparatus 10 via the IF unit 205. Following this, thecontrol unit 203 writes rental-use management information including thereceived title ID and the rental end date to the information storageunit 201.

[0150] (DVD Data Reproduction Process)

[0151] The following describes a DVD data reproduction process in whichthe user to which the DVD 30 has been rented reproduces digital workstored in the DVD 30. In the DVD data reproduction process, the controlunit 203 first receives rental disc identification information from theDVD player 40 via the IF unit 205 when authentication performed by theauthentication unit 406 in the DVD player 40 succeeds and authenticationperformed by the authentication unit 204 in the IC card 20 succeeds.

[0152] Following this, the control unit 203 reads a title ID included inrental-use management information from the information storage unit 201,and judges whether the title ID included in the received rental discidentification information and the read title ID match or not. When aresult of this judgment is negative, the control unit 203 ends theprocess.

[0153] When the result of the above judgment is affirmative, the controlunit 203 sends a request to obtain the present date and time, to the DVDplayer 40 via the IF unit 205. Then, the control unit 203 receives thepresent date and time from the DVD player 40 via the IF unit 205.

[0154] Following this, the control unit 203 reads a rental end dateincluded in the rental-use management information from the informationstorage unit 201, and compares the received present date and time andthe read rental end date. When judging that the present date and time isafter the rental end date, the control unit 203 ends the process.

[0155] When judging that the present date and time is before the rentalend date or is on the rental end date, the control unit 203 sends arequest to read an encrypted title key from the DVD 30, via the IF unit205, to the DVD player 40. Then, the control unit 203 receives theencrypted title key from the DVD player 40 via the IF unit 205, andoutputs the received encrypted title key to the decryption unit 202. Thecontrol unit 203 receives a title key from the decryption unit 202, andoutputs the received title key to the DVD player 40 via the IF unit 205.

[0156] 1.1.4 Construction of the DVD Player 40

[0157] As shown in FIG. 6, the DVD player 40 is roughly composed of aninput unit 401, a decoder 402, a decryption unit 403, a control unit404, a clock unit 405, the authentication unit 406, and an IF unit 407.

[0158] Specifically, the DVD player 40 is a computer system that isroughly composed of a microprocessor, a ROM, and a RAM. The ROM storescomputer programs. The functions of the DVD player 40 are partiallyrealized by the microprocessor operating in accordance with the computerprograms.

[0159] (1) Input Unit 401

[0160] The input unit 401 reads information from the DVD 30 undercontrol by the control unit 404 or the decryption unit 403, and outputsthe read information to the control unit 404 or the decryption unit 403.

[0161] (2) IF Unit 407

[0162] The IF unit 407 bidirectionally transmits and receivesinformation between the control unit 404 and the IC card 20 undercontrol by the control unit 404, and between the authentication unit 406and the IC card 20 under control by the authentication unit 406.

[0163] (3) Authentication Unit 406

[0164] The authentication unit 406 performs mutual device authenticationwith the IC card 20 via the IF unit 407 when the IC card 20 is mountedon the DVD player 40. Here, the device authentication is of achallenge-response type. The device authentication is not described indetail here as it is well known.

[0165] The authentication unit 406 sends a success message indicating asuccess of the mutual device authentication to the control unit 404 whenthe mutual device authentication between the authentication unit 406 andthe IC card 20 succeeds, and sends a failure message indicating afailure of the mutual device authentication to the control unit 404 whenthe mutual device authentication fails.

[0166] When the mutual device authentication fails, the DVD player 40thereafter does not transmit and receive information to and from the ICcard 20.

[0167] (4) Clock Unit 405

[0168] The clock unit 405 clocks the present date and time, and outputsthe present date and time to the control unit 404 as requested by thecontrol unit 404.

[0169] (5) Decryption Unit 403

[0170] The decryption unit 403 receives a title key from the controlunit 404, reads encrypted content from the DVD 30 via the input unit401, decrypts the read encrypted content using the received title key togenerate content, and outputs the generated content to the decoder 402.Here, DES is used as a decryption algorithm.

[0171] (6) Decoder 402

[0172] The decoder 402 receives content from the decryption unit 403,reproduces the received content to generate video and audio signals, andoutputs the generated video and audio signals to the monitor 41. Themonitor 41 receives the video and audio signals, converts the video andaudio signals into video and audio, and outputs the video and audio.

[0173] (7) Control Unit 404

[0174] The control unit 404 reads rental disc identification informationfrom the DVD 30 via the input unit 401 and outputs the read rental discidentification information to the IC card 20 via the IF unit 407 whenauthentication performed by the authentication unit 406 in the DVDplayer 40 succeeds and authentication performed by the authenticationunit 204 in the IC card 20 succeeds.

[0175] Also, the control unit 404 receives a request to obtain thepresent date and time from the IC card 20 via the IF unit 407. Uponreceipt of the request, the control unit 404 obtains the present dateand time from the clock unit 405, and outputs the obtained present dateand time to the IC card 20 via the IF unit 407.

[0176] Also, the control unit 404 receives a request to read anencrypted title key from the DVD 30, from the IC card 20 via the IF unit407. Upon receipt of the request, the control unit 404 reads theencrypted title key from the DVD 30, and outputs the read encryptedtitle key to the IC card 20 via the IF unit 407.

[0177] Further, the control unit 404 receives the title key from the ICcard 20 via the IF unit 407, and outputs the received title key to thedecryption unit 403.

[0178] 1.2 Operation of the Rental System 1

[0179] The following describes an operation of each of the member numberissuing process, the DVD rental process, and the DVD data reproductionprocess in the rental system 1.

[0180] 1.2.1 Member Number Issuing Process

[0181] The following describes an operation performed when a membernumber is newly issued, with reference to a flowchart shown in FIG. 7.

[0182] A shop clerk who operates the shop apparatus 10 at the rentalshop receives the IC card 20 from a user who wants to newly register asa member of the rental shop, and mounts the received IC card 20 on theshop apparatus 10.

[0183] When the IC card 20 is mounted on the shop apparatus 10 by theoperator of the shop apparatus 10, the authentication unit 107 in theshop apparatus 10 performs authentication of the authentication unit 204in the IC card 20 (step S101), and the authentication unit 204 in the ICcard 20 performs authentication of the authentication unit 107 in theshop apparatus 10 (step S111).

[0184] When the authentication performed by the authentication unit 107in the shop apparatus 10 fails (step S102), the shop apparatus 10thereafter stops processing relating to the IC card 20 and ends themember number issuing process. Also, when the authentication performedby the authentication unit 204 in the IC card 20 fails (step S112), theIC card 20 stops processing relating to the shop apparatus 10.

[0185] When the authentication performed by the authentication unit 107in the shop apparatus 10 succeeds (step S102), and the authenticationperformed by the authentication unit 204 in the IC card 20 succeeds(step S112), the input unit 102 receives an input of a member name,outputs the input member name to the control unit 104 (step S103),receives an input of an address and a telephone number, outputs theinput address and telephone number to the control unit 104 (step S104),receives an input of a birth date, and outputs the input birth date tothe control unit 104 (step S105). Following this, the control unit 104generates a new member number (step S106), and writes a set ofmembership information that is made up of the generated member number,and the received member name, address, birth date, and telephone number,to the rental-shop membership table 151 held by the information storageunit 101 (step S107).

[0186] Following this, the control unit 104 outputs the generated membernumber to the IC card 20 via the IC card reading unit 105, and thecontrol unit 203 in the IC card 20 receives the member number via the IFunit 205 (step S108). The control unit 203 writes the received membernumber to the information storage unit 201 (step S113).

[0187] As described above, a set of membership information for the userwho has newly become a member is registered in the shop apparatus 10,and the user's member number is stored into the IC card 20 that is ownedby the user.

[0188] 1.2.2 DVD Rental Process

[0189] The following describes an operation performed when a DVD isrented to a user who is a member of the rental shop, with reference to aflowchart shown in FIG. 8.

[0190] A shop clerk who operates the shop apparatus 10 at the rentalshop operates the barcode reader 11 so as to optically read a barcodeprinted on the surface of the DVD package 31.

[0191] The barcode reader 11 connected to the shop apparatus 10optically reads the barcode printed on the surface of the DVD package31, and generates read-information corresponding to the read barcode(step S121). The barcode processing unit 106 receives theread-information from the barcode reader 11, generates a title ID usingthe received read-information, and outputs the generated title ID to thecontrol unit 104 (step S122).

[0192] Following this, the shop clerk who operates the shop apparatus 10receives the IC card 20 from the user who is a member of the rentalshop, and mounts the received IC card 20 on the shop apparatus 10.

[0193] When the IC card 20 is mounted on the shop apparatus 10 by theoperator of the shop apparatus 10, the authentication unit 107 in theshop apparatus 10 performs authentication of the authentication unit 204in the IC card 20 (step S123), and the authentication unit 204 in the ICcard 20 performs authentication of the authentication unit 107 in theshop apparatus 10 (step S131).

[0194] When the authentication performed by the authentication unit 107in the shop apparatus 10 fails (step S124), the shop apparatus 10thereafter stops processing relating to the IC card 20 and ends the DVDrental process. Also, when the authentication performed by theauthentication unit 204 in the IC card 20 fails (step S132), the IC card20 stops processing relating to the shop apparatus 10.

[0195] When the authentication performed by the authentication unit 107in the shop apparatus 10 succeeds (step S124), and the authenticationperformed by the authentication unit 204 in the IC card 20 succeeds(step S132), the control unit 104 outputs a request to read a membernumber, to the IC card 20 via the IC card reading unit 105, and thecontrol unit 203 receives the request to read the member number via theIF unit 205 (step S125). Upon receipt of the request to read the membernumber, the control unit 203 reads the member number from theinformation storage unit 201 (step S133), and outputs the read membernumber to the shop apparatus 10 via the IF unit 205. The control unit104 receives the member number via the IC card reading unit 105 (stepS134).

[0196] Following this, the control unit 104 sets a rental start date, arental end date, and a rental price, generates a set of use managementinformation that is made up of the generated title ID read by thebarcode reader 11, the received member number, and the set rental startdate, rental end date, and rental price, and additionally writes thegenerated set of use management information to the rental-use managementtable 152 held by the information storage unit 101 (step S126).Following this, the control unit 104 outputs the title ID and the rentalend date to the IC card 20 via the IC card reading unit 105. The controlunit 203 receives the title ID and the rental end date via the IF unit205 (step S127).

[0197] Then, the control unit 203 writes rental-use managementinformation including the received title ID and rental end date, to theinformation storage unit 201 (step S135).

[0198] As described above, rental-use management information relating tothe DVD 30 to be rented to the user is written to the IC card 20 that isowned by the user.

[0199] 1.2.3 DVD Data Reproduction Process

[0200] The following describes an operation performed when the user towhich the DVD 30 has been rented reproduces digital work stored in theDVD 30, with reference to a flowchart shown in FIGS. 9 and 10.

[0201] The user to which the DVD 30 has been rented mounts the DVD 30and the IC card 20 on the DVD player 40.

[0202] When the IC card 20 is mounted on the DVD player 40 by the user,the authentication unit 406 in the DVD player 40 performs authenticationof the authentication unit 204 in the IC card 20 (step S141), and theauthentication unit 204 in the IC card 20 performs authentication of theauthentication unit 406 in the DVD player 40 (step S151).

[0203] When the authentication performed by the authentication unit 406in the DVD player 40 fails (step S142), the DVD player 40 thereafterstops processing relating to the IC card 20 and ends the DVD datareproduction process. Also, when the authentication performed by theauthentication unit 204 in the IC card 20 fails (step S152), the IC card20 stops processing relating to the DVD player 40.

[0204] When the authentication performed by the authentication unit 406in the DVD player 40 succeeds (step S142), and the authenticationperformed by the authentication unit 204 in the IC card 20 succeeds(step S152), the control unit 404 reads rental disc identificationinformation from the DVD 30 via the input unit 401 (step S143). Thecontrol unit 404 outputs the read rental disc identification informationto the IC card 20 via the IF unit 407, and the control unit 203 receivesthe rental disc identification information via the IF unit 205 (stepS144).

[0205] Following this, the control unit 203 reads a title ID included inrental-use management information from the information storage unit 201,and judges whether the title ID included in the received rental discidentification information and the read title ID match or not. When aresult of this judgment is negative (step S153), the control unit 203ends the process.

[0206] When the result of the above judgment is affirmative (step S153),the control unit 203 sends a request to obtain the present date and timeto the DVD player 40 via the IF unit 205. The control unit 404 receivesthere quest to obtain the present date and time via the IF unit 407(step S154). The control unit 404 then obtains the present date and timefrom the clock unit 405 (step S145), and outputs the obtained presentdate and time to the IC card 20 via the IF unit 407. The control unit203 receives the present date and time via the IF unit 205 (step S146).

[0207] Following this, the control unit 203 reads a rental end dateincluded in the rental-use management information from the informationstorage unit 201, and compares the received present date and time withthe read rental end date. When judging that the present date and time isafter the rental end date (step S155), the control unit 203 ends theprocess.

[0208] When judging that the present date and time is before the rentalend date or is on the rental end date (step S155), the control unit 203sends a request to read an encrypted title key from the DVD 30, to theDVD player 40 via the IF unit 205. The control unit 404 receives therequest via the IF unit 407 (step S171). Then, the control unit 404reads the encrypted title key from the DVD 30, and outputs the readencrypted title key to the IC card 20 via the IF unit 407. The controlunit 203 receives the encrypted title key via the IF unit 205, andoutputs the encrypted title key to the decryption unit 202 (step S162).

[0209] Following this, the decryption unit 202 reads a device key fromthe information storage unit 201 (step S172), and decrypts the receivedencrypted title key using the read device key, to generate a title key(step S173). The control unit 203 outputs the generated title key to theDVD player 40 via the IF unit 205, and the control unit 404 receives thetitle key via the IF unit 407 (step S174).

[0210] Following this, the control unit 404 outputs the received titlekey to the decryption unit 403. The decryption unit 403 reads encryptedcontent from the DVD 30 via the input unit 401 (step S163), decrypts theread encrypted content using the received title key to generate content,and outputs the generated content to the decoder 402 (step S164). Thedecoder 402 receives the content, and reproduces the received content tooutput video and audio signals to the monitor 41. The monitor 41receives the video and audio signals and outputs them in the form ofvideo and audio (step S165).

[0211] In the above-described way, the user can reproduce digital workstored in the DVD 30.

1.3 CONCLUSIONS

[0212] As described above, in the storage-medium rental system relatingto the present embodiment, the rental agent rents the user a storagemedium storing digital work, so as to provide the digital work to theuser.

[0213] To be more specific, the rental system is for temporarilyproviding a right to use the digital work stored in the storage mediumfrom the rental agent to the user.

[0214] The rental system is roughly composed of a portable storagemedium to be rented (specifically, a DVD), a portable semiconductormemory (an IC card), a shop apparatus, and a reproduction apparatus (aDVD player).

[0215] The portable storage medium prestores content informationrepresenting digital work. The portable semiconductor memory has an areafor securely storing information. The shop apparatus securely writesinto the area of the semiconductor memory, right information that showsa range of the right to use the digital work stored in the storagemedium, when the rental agent rents the user the storage medium. Uponreceipt of an instruction to reproduce the digital work from the user,the reproduction apparatus securely reads the right information from thearea of the semiconductor memory, and judges whether the digital work isallowed to be used or not, based on the read right information. Onlywhen judging that the digital work is allowed to be used, thereproduction apparatus reads the content information from the storagemedium, and reproduces the digital work, based on the read contentinformation.

[0216] As can be known from the above, the IC card is an essentialcomponent for the reproduction apparatus to reproduce the content storedin the DVD. This can produce the following effect. Suppose that anunauthorized user with a malicious intention shoplifts a DVD discdisplayed at the rental shop and brings the DVD home. In this case, theuser cannot reproduce content stored in the DVD disc because the user'sIC card does not store authenticated information.

[0217] Further, the DVD player may be equipped with only one readingunit for an IC card. This reading unit is originally provided to readand write information to and from an IC card for use in the copyrightprotection system. This reading unit can also read and write informationto and from an IC card diverted to the rental system. Accordingly, theDVD player does not need to be newly equipped with another reading unitspecially for an IC card used in the rental system.

[0218] Moreover, the rental shop can use a membership card also as arental card, and so, the operating cost relating to these cards can bereduced.

[0219] Also, the user does not have to carry a plurality of cards forthese purposes.

[0220] 2. Second Embodiment

[0221] The following describes a rental system 1 a (not shown) as amodification of the rental system 1 described in the first embodiment.

[0222] 2.1 Construction of the Rental System 1 a

[0223] The rental system 1 a is roughly composed of a shop apparatus 10,an IC card 20, a DVD 30, a DVD player 40, and a server apparatus 50.

[0224] The shop apparatus 10, the IC card 20, the DVD 30, and the DVDplayer 40 in the rental system 1 a respectively have the sameconstructions as the shop apparatus 10, the IC card 20, the DVD 30, andthe DVD player 40 in the rental system 1.

[0225] The following describes the rental system 1 a in the presentembodiment, focusing on its differences from the rental system 1.

[0226]2.1.1 DVD 30

[0227] As shown in FIG. 12, the DVD 30 prestores encrypted content andrental disc identification information.

[0228] The DVD 30 in the second embodiment differs from the DVD 30 inthe first embodiment in that it does not store an encrypted title key.

[0229] 2.1.2 Server Apparatus 50

[0230] As shown in FIG. 11, the server apparatus 50 is roughly composedof an information storage unit 501, a transmission/reception unit 502, acontrol unit 503, and a display unit and an input unit that are notshown. The server apparatus 50 is connected to the shop apparatus 10 viaa communication line 60.

[0231] Specifically, the server apparatus 50 is a computer system thatis roughly composed of a microprocessor, a ROM, a RAM, a hard disk unit,a display unit, a keyboard, a mouse, and a communication-line connectingunit. The hard disk unit stores computer programs. The functions of theserver apparatus 50 are realized by the microprocessor operating inaccordance with the computer programs.

[0232] (1) Information Storage Unit 501

[0233] As one example shown in FIG. 11, the information storage unit 501stores a title table 521.

[0234] The title table 521 includes a plurality of sets of titleinformation, each of which is made up of a title ID, a device keyidentifier, and an encrypted title key.

[0235] The title ID is identification information for identifyingcontent that is digital work stored in the DVD 30.

[0236] The device key identifier is identification information foridentifying a device key stored in the information storage unit 201 inthe IC card 20.

[0237] The encrypted title key is generated by encrypting a title keyusing a device key identified by the device key identifier. Here, thetitle key is used to encrypt content i.e., digital work, identified bythe title ID.

[0238] (2) Control Unit 503

[0239] The control unit 503 receives a request to obtain an encryptedtitle key from the shop apparatus 10 via the communication line 60 andthe reception/transmission unit 502. The control unit 503 furtherreceives a title ID and a device key identifier.

[0240] Upon receipt of the request, the control unit 503 reads anencrypted title key corresponding to the received title ID and devicekey identifier, from the title table 521 held by the information storageunit 501. Following this, the control unit 503 outputs the readencrypted title key to the shop apparatus 10 via thetransmission/reception unit 502 and the communication line 60.

[0241] (3) Transmission/Reception Unit 502

[0242] The transmission/reception unit 502 is connected to the shopapparatus 10 via the communication line 60. The transmission/receptionunit 502 transmits and receives information between the control unit 503and the shop apparatus 10 via the communication line 60.

[0243] 2.1.3 IC Card 20

[0244] (1) Information Storage Unit 201

[0245] As shown in FIG. 12, the information storage unit 201 furtherprestores a device key identifier for identifying a device key. Thedevice key identifier has been written thereto by the manufacture at thetime of manufacturing the IC card 20.

[0246] (2) Control Unit 203

[0247] In the DVD rental process, the control unit 203 receives arequest to obtain a device key identifier from the shop apparatus 10 viathe IF unit 205. Upon receipt of the request, the control unit 203 readsthe device key identifier from the information storage unit 201, andoutputs the read device key identifier to the shop apparatus 10 via theIF unit 205.

[0248] Also, in the DVD rental process, the control unit 203 receives anencrypted title key as one item of rental-use management information,from the shop apparatus 10 via the IF unit 205, and writes the receivedencrypted title key to the information storage unit 201 as one item ofthe rental-use management information.

[0249] Further, in the DVD data reproduction process, the control unit203 reads an encrypted title key from the rental-use managementinformation stored in the information storage unit 201. The control unit203 decrypts the read encrypted title key using the device key read fromthe information storage unit 201, to generate a title key.

[0250] The control unit 203 in the first embodiment obtains theencrypted title key from the DVD 30 via the DVD player 40. Unlike in thefirst embodiment, however, the control unit 203 in the second embodimentreads the encrypted title key from the information storage unit 201.

[0251] 2.1.4 Shop Apparatus 10

[0252] (1) Control Unit 104

[0253] In the DVD rental process, the control unit 104 outputs a requestto obtain a device key identifier to the IC card 20 via the IC cardreading unit 105.

[0254] The control unit 104 receives a device key identifier from the ICcard 20 via the IC card reading unit 105.

[0255] Following this, the control unit 104 outputs a request to obtainan encrypted title key to the server apparatus 50 via the communicationline 60. The control unit 104 further outputs a title ID read by thebarcode reader 11 and a device key identifier obtained from the IC card20, to the server apparatus 50 via the communication line 60.

[0256] The control unit 104 then receives an encrypted title key fromthe server apparatus 50 via the communication line 60.

[0257] Following this, the control unit 104 outputs a title ID, a rentalend date, and an encrypted title key, to the IC card 20 via the IC cardreading unit 105.

[0258] 2.2 Operation of the Rental System 1 a

[0259] The following describes an operation of the rental system 1 a,focusing on its differences from the operation of the rental system 1 inthe first embodiment. 2.2.1 DVD Rental Process

[0260] The following describes an operation performed when a DVD isrented to the user who is a member of the rental shop, with reference toa flowchart shown in FIGS. 13 and 14, focusing on its differences fromthe operation shown in FIG. 8.

[0261] The control unit 104 writes the generated set of use managementinformation to the rental-use management table 152 instep S126. Then,the control unit 104 outputs a request to obtain a device key identifierto the IC card 20 via the IC card reading unit 105 (step S201). Thecontrol unit 203 then reads the device key identifier from theinformation storage unit 201 (step S202), and outputs the read devicekey identifier to the shop apparatus 10 via the IF unit 205 (step S203).

[0262] Following this, the control unit 104 outputs the request toobtain the encrypted title key to the server apparatus 50 via thecommunication line 60 (step S204). The control unit 104 further outputsthe title ID read by the barcode reader 11 and the device key identifierobtained from the IC card 20 to the server apparatus 50 via thecommunication line 60 (step S205).

[0263] The control unit 503 reads an encrypted title key correspondingto the received title ID and device key identifier from the title table521 held by the information storage unit 501 (step S206). Followingthis, the control unit 503 outputs the read encrypted title key to theshop apparatus 10 via the transmission/reception unit 502 and thecommunication line 60 (step S207).

[0264] Upon receipt of the encrypted title key from the server apparatus50 via the communication line 60 (step S207), the control unit 104outputs the title ID, the rental end date, and the encrypted title keyto the IC card 20 via the IC card reading unit 105 (step S208).

[0265] Following this, the control unit 203 writes the receivedencrypted title key to the information storage unit 201 as one item ofthe rental-use management information (step S209).

[0266] 2.2.2 DVD Data Reproduction Process

[0267] The following describes an operation performed when the user towhich the DVD 30 has been rented reproduces digital work stored in theDVD 30, with reference to a flowchart shown in FIGS. 15 and 16, focusingon its differences from the operation shown in FIGS. 9 and 10.

[0268] When judging that the title ID included in the received rentaldisc identification information and the read title ID match in stepS153, the control unit 203 reads an encrypted title key from rental-usemanagement information stored in the information storage unit 201 (stepS221). Following this, the control unit 203 reads a device key in stepS172.

2.3 CONCLUSIONS

[0269] As described above, unlike in the first embodiment where anencrypted title key is stored in a DVD disc, in the second embodiment aDVD disc available for rental does not store an encrypted title key, andthe shop apparatus 10 writes the encrypted title key to the IC card 20at the rental shop when the DVD disc is rented.

[0270] Further, a device key identifier for identifying a device key hasbeen additionally written to the IC card 20 at the time of manufacturingthe IC card 20.

[0271] The server apparatus 50 stores an encrypted title key incorrespondence with a title ID and a device key.

[0272] When a DVD disc is rented, the shop apparatus 10 reads a devicekey identifier from the IC card 20, obtains an encrypted title key fromthe server apparatus 50, and writes the obtained encrypted title key tothe IC card 20 as one item of rental-use management information.

[0273] When a DVD disc is played, content stored in the DVD disc isreproduced based on a title ID stored in the DVD disc, in the samemanner as in the first embodiment. Here, the DVD player 40 obtains anencrypted title key from the IC card 20.

[0274] 3. Other Modifications 3.1 Modifications 1

[0275] Although the first embodiment describes the case where the shopapparatus 10 writes a rental end date to the IC card 20, the followingmodifications are also possible.

[0276] (1) Although the DVD player 40 internally has the clock unit 405for clocking a date and time, the DVD player 40 may obtain the presentdate and time from an external device via a network.

[0277] (2) The above-described rental end date is a final date of arental period during which rental is allowed, i.e., the rental end dateis an absolute expiry date of the rental period. Instead of such arental end date, the shop apparatus 10 may write a rental start date andperiod information showing a rental period starting from the rentalstart date, to the IC card 20. In this case, the DVD player 40 judgeswhether reproduction is allowed or not, using the rental start date, theperiod information, and the present date and time.

[0278] Also, the shop apparatus 10 may write period information showinga rental period starting from a date and time when content is firstlyreproduced, to the IC card 20. In this case, the DVD player 40 recordsthe date and time when the content is firstly reproduced and judgeswhether reproduction of the content is allowed or not, using therecorded date and time, the period information, and the present date andtime.

[0279] Further, the shop apparatus 10 may write the number of timesdigital work stored in the storage medium is allowed to be reproduced,to the IC card 20. In this case, the DVD player 40 counts the number oftimes the digital work has been reproduced. The DVD player 40 judgesthat the digital work is allowed to be reproduced, only when the countednumber of times does not exceed the allowable number of times includedin the right information.

[0280] 3.2 Modifications 2

[0281] Although the first embodiment describes the case where anencrypted title key generated by encrypting a title key using a devicekey unique to the IC card 20 is used, the following modifications arealso possible.

[0282] The DVD 30 prestores a medium identifier unique to the DVD 30.Because the medium identifier is unique to the DVD 30, this mediumidentifier is not copied even if encrypted content and the like storedin the DVD 30 are copied into another DVD-RW or the like. The otherDVD-RW or the like stores its own unique medium identifier that isdifferent from the above medium identifier unique to the DVD 30.

[0283] The server apparatus stores a title ID, a medium identifier, andan encrypted title key in correspondence with one another. The title IDis identification information for identifying content that is digitalwork. The medium identifier is an identifier for identifying a DVDstoring content identified by the title ID. The encrypted title key isgenerated by encrypting a title key using the medium identifier as akey.

[0284] When the DVD 30 is rented, the shop apparatus 10 writes anencrypted title key stored in correspondence with a title ID identifyingcontent stored in a DVD to be rented from the server apparatus, to theIC card 20, as one item of rental-use management information.

[0285] To reproduce encrypted content stored in the DVD 30, the DVDplayer 40 obtains the encrypted title key from the IC card 20, obtains amedium identifier from the DVD 30, and decrypts the encrypted title keyusing the obtained medium identifier, to generate a title key. Then,using the generated title key, the DVD player 40 decrypts the encryptedcontent stored in the DVD 30, to generate content, and outputs thegenerated content.

[0286] As described above, a key that is used to encrypt a title key togenerate an encrypted title key is a medium identifier stored in the DVD30. Therefore, even if information stored in the DVD 30 is copied toanother DVD by an unauthorized user, a medium identifier that is readfrom the other DVD is not the same as the above medium identifier.Therefore, the encrypted title key cannot be decrypted properly. As aresult, the encrypted content cannot be decrypted properly. In this way,unauthorized reproduction of content by such an unauthorized user whocopies information stored in the DVD 30 to another DVD can be prevented.

[0287] 3.3 Modifications 3

[0288] The IC card 20 can be used for various applications. Examples ofthe various applications include a DVD rental function, a membershipcard function, a point provision function, a credit card function, anelectric money function, and a prepaid card function.

[0289] The information storage unit 201 in the IC card 20 includes aplurality of application areas for securely storing information inone-to-one correspondence with a plurality of application functions.Each application area stores information to be utilized by thecorresponding application function.

[0290] (Membership Card Function)

[0291] One of the application functions is a membership card function ofidentifying a member of the rental shop. The application areacorresponding to the membership card function is used to store a membernumber that identifies the user.

[0292] The membership card function is described in the firstembodiment.

[0293] (Bonus Provision Function for Providing Point Information)

[0294] Another one of the application functions is a bonus provisionfunction of providing, from the rental agent to the user, pointinformation as a membership bonus, in accordance with use of the DVD.The information storage unit 201 in the IC card 20 includes oneapplication area corresponding to the bonus provision function. The shopapparatus 10 additionally writes, to the application area, pointinformation showing the number of points determined in accordance withDVD rental, i.e., in accordance with a payment for reproduction of thedigital work stored in the DVD, or a payment for a product purchase.

[0295] To collect the payment from the user, the shop apparatus 10 sendsto the IC card 20, a request to deduct the number of points designatedby the user from the number of points shown by the point informationstored in the application area, as a part or all of the payment. The ICcard 20 deducts the number of points designated by the user from thenumber of points shown by the point information, as requested by theshop apparatus 10.

[0296] (Electric Money Function)

[0297] Another one of the application function is a payment function,i.e., an electric money function, for the user to make a payment forrental to the rental agent. The information storage unit 201 in the ICcard 20 includes one application area corresponding to the electricmoney function. The application area prestores electric moneyinformation showing a predetermined amount of electric money that can beused instead of actual money.

[0298] To collect the payment from the user, the shop apparatus 10 sendsto the IC card 20, a request to obtain electric money informationshowing an amount of electric money corresponding to the payment fromthe IC card 20.

[0299] The IC card 20 includes the following payment unit. In responseto the request from the shop apparatus 10, the payment unit transmitsthe electric money information showing the amount of electric moneycorresponding to the payment, to the shop apparatus 10, and deducts theamount of electric money corresponding to the payment from the amount ofmoney shown by the electric money information stored in the applicationarea.

[0300] The shop apparatus 10 receives the electric money informationshowing the amount of electric money corresponding to the payment fromthe IC card 20, and stores the received electric money information.

[0301] (Prepaid Card Function)

[0302] Another one of the application functions is a payment function,i.e., a prepaid card function, for the user to make a payment for rentalto the rental agent. The information storage unit 201 in the IC card 20includes one application area corresponding to the prepaid cardfunction. The application area prestores electric ticket informationshowing electric tickets that can be used to pay for reproduction of thedigital work.

[0303] When reproducing the digital work stored in the DVD 30, the DVDplayer 40 sends to the IC card 20, a request to deduct electric ticketscorresponding to a payment determined in accordance with reproduction ofthe digital work, from the electric tickets shown by the electric ticketinformation stored in the application area.

[0304] Here, the DVD player 40 obtains information about the remainingelectric tickets shown by the electric ticket information stored in theIC card 20, before reproducing the digital work stored in the DVD 30.When the remaining electric tickets are less than the electric ticketscorresponding to the payment determined in accordance with thereproduction of the digital work, the DVD player 40 judges that thedigital work is not allowed to be used, and so prohibits reproduction ofthe digital work. In the other cases, the DVD player 40 judges that thedigital work is allowed to be used.

[0305] Also, the DVD player 40 may send to the IC card 20, a request todeduct electric tickets corresponding to a payment for reproduction ofone-time from the electric tickets shown by the electric ticketinformation stored in the application area, every time the digital workis reproduced. Alternatively, when the digital work is reproduced one ormore times during a predetermined period of time, the DVD player 40 maysend to the IC card 20, a request to deduct electric ticketscorresponding to a payment for reproduction of one or more times duringthe predetermined period of time, from the electric tickets shown by theelectric ticket information stored in the application area.

[0306] The IC card 20 includes a payment unit that deducts the electrictickets corresponding to the payment from the electric tickets shown bythe electric ticket information stored in the application area, asrequested by the DVD player 40.

[0307] 3.4 Other Modifications

[0308] The following modifications are also possible.

[0309] (1) A DVD may store a plurality of content IDs, the same numberof encrypted contents, the same number of encrypted content keys, andone encrypted disc key. The plurality of content IDs, the encryptedcontents, and the encrypted content keys respectively correspond to oneanother.

[0310] The encrypted contents are each generated by encrypting adifferent content using a different content key.

[0311] The encrypted content keys are each generated by encrypting adifferent content key using one disc key.

[0312] The encrypted disc key is generated by encrypting the disc keyusing one device key.

[0313] The disc key is unique to a DVD of one type.

[0314] The device key is unique to one IC card, and is stored in the ICcard.

[0315] To reproduce encrypted content stored in a DVD, the IC cardobtains an encrypted disc key and an encrypted content key correspondingto the content to be reproduced, from the DVD player. The IC card theninternally reads a device key, and decrypts the encrypted disc key usingthe read device key, to generate a disc key. The IC card then decryptsthe encrypted content key using the generated disc key, to generate acontent key, and outputs the generated content key to the DVD player.

[0316] The DVD player receives the content key, and decrypts theencrypted content read from the DVD using the received content key, togenerate content.

[0317] (2) Although the above embodiments describe the case where a DVDstoring encrypted digital content is rented, a storage medium to berented should not be limited to a DVD. For example, a CD-ROM, a DVD-ROM,a DVD-RAM, and a BD (Blu-ray Disc) may be used.

[0318] (3) Although the above embodiments describe the case where DES isused as an encryption algorithm and a decryption algorithm, otherencryption techniques may be used.

[0319] (4) The shop apparatus may have a register function ofcalculating amounts of money involved in transaction.

[0320] (5) Although the second embodiment describes the case where theserver apparatus 50 is located distant from the rental shop, theinvention should not be limited to such. For example, the serverapparatus 50 may be located in the rental shop where the shop apparatus10 is located, or the shop apparatus 10 and the server apparatus 50 maybe integrated into one apparatus.

[0321] (6) The present invention may also be realized by methodsdescribed in the above embodiments. Also, the methods may be realized bycomputer programs to be executed on a computer, or by digital signalsthat are made up of the computer programs.

[0322] Further, the present invention may be realized by acomputer-readable storage medium storing the computer programs or thedigital signals. Examples of the computer-readable recording mediuminclude a flexible disk, a hard disk, a CD-ROM, an MO, a DVD, a DVD-ROM,a DVD-RAM, a BD, and a semiconductor memory. Also, the present inventionmay be realized by the computer programs, or by the digital signalsstored in such a storage medium.

[0323] Also, the present invention may be realized by the computerprograms or the digital signals being transmitted via an electriccommunication line, a wireless or cable communication line, or a networksuch as the Internet.

[0324] Moreover, the present invention may be realized by a computersystem including a microprocessor and a memory. Here, the memory maystore the computer programs, and the microprocessor may operate inaccordance with the computer programs.

[0325] By storing the computer programs or the digital signals in any ofthe storage mediums listed above and transferring the storage mediums toan independent computer system, or by transmitting the computer programsor the digital signals to an independent computer system via a network,the computer programs or the digital signals may be executed in theindependent computer system.

[0326] (7) The above embodiments of the present invention and themodifications may be combined.

[0327] Although the present invention has been fully described by way ofexamples with reference to the accompanying drawings, it is to be notedthat various changes and modifications will be apparent to those skilledin the art. Therefore, unless such changes and modifications depart fromthe scope of the present invention, they should be construed as beingincluded therein.

What is claimed is:
 1. A storage-medium rental system for temporarilyproviding, from a rental agent to a user, a right to use digital workstored in a portable storage medium, where a portable semiconductormemory is connected to a rental-shop apparatus when the rental agentrents the user the storage medium, and the storage medium and thesemiconductor memory are connected to a reproduction apparatus when theuser reproduces the digital work, the storage-medium rental systemcomprising: the storage medium that prestores content informationrepresenting the digital work; the semiconductor memory that has an areafor securely storing information; the rental-shop apparatus thatsecurely writes right information into the area of the semiconductormemory when the rental agent rents the user the storage medium, theright information showing a range of the right to use the digital workstored in the storage medium; the reproduction apparatus that, uponreceipt of an instruction from the user to reproduce the digital work,(a) securely reads the right information from the area of thesemiconductor memory, (b) judges whether the digital work is allowed tobe used or not, based on the read right information, and (c) only whenjudging that the digital work is allowed to be used, reads the contentinformation from the storage medium and reproduces the digital workbased on the read content information.
 2. The storage-medium rentalsystem of claim 1, wherein the user makes a payment for rental to therental agent when the rental agent rents the user the storage medium,and the rental-shop apparatus securely writes the right information intothe area of the semiconductor memory when the rental agent receives thepayment for rental from the user.
 3. The storage-medium rental system ofclaim 2, wherein the content information stored in the storage mediumhas been generated by encrypting the digital work using an encryptionkey, the rental-shop apparatus writes the right information including adecryption key to be used to decrypt the content information, into thearea of the semiconductor memory, and the reproduction apparatusdecrypts the read content information using the decryption key includedin the read right information, to generate the digital work, only whenjudging that the digital work is allowed to be used.
 4. Thestorage-medium rental system of claim 2, wherein the rental-shopapparatus securely writes the right information includingreproduction-limiting information into the area of the semiconductormemory, the reproduction-limiting information showing a limitation to beimposed on reproduction of the digital work stored in the storagemedium, and the reproduction apparatus judges whether the digital workis allowed to be used or not, based on the reproduction-limitinginformation included in the read right information.
 5. Thestorage-medium rental system of claim 4, wherein thereproduction-limiting information shows a rental-use time limit untilwhen the rental agent allows the user to use the digital work stored inthe storage medium, the rental-shop apparatus writes the rightinformation including the rental-use time limit, and the reproductionapparatus compares the rental -use time limit included in the rightinformation with a present date and time, and judges that the digitalwork is allowed to be used when the rental-use time limit is on or afterthe present date and time.
 6. The storage-medium rental system of claim4, wherein the reproduction-limiting information shows a rental-useperiod during which the rental agent allows the user to use the digitalwork stored in the storage medium, the rental-use period starting from atime at which the user firstly reproduces the digital work stored in thestorage medium, the rental-shop apparatus writes the right informationincluding the rental-use period, and the reproduction apparatus comparesan elapsed date and time at which the rental-use period elapses from thetime at which the user firstly reproduces the digital work, with apresent date and time, and judges that the digital work is allowed to beused when the elapsed date and time is on or after the present date andtime.
 7. The storage-medium rental system of claim 4, wherein thereproduction-limiting information shows a number of times the user isallowed to reproduce the digital work stored in the storage medium, therental-shop apparatus writes the right information including the numberof times the user is allowed to reproduce the digital work, and thereproduction apparatus counts a number of times the digital work hasbeen reproduced every time the digital work is reproduced, and judgesthat the digital work is allowed to be used only when the counted numberof times does not exceed the number of times the user is allowed toreproduce the digital work included in the right information.
 8. Thestorage-medium rental system of claim 2, wherein the storage mediumstores first identification information in correspondence with thecontent information, the first identification information identifyingthe digital work, the rental-shop apparatus writes the right informationincluding second identification information into the area of thesemiconductor memory, the second identification information identifyingthe digital work, and the reproduction apparatus compares the firstidentification information stored in the storage medium and the secondidentification information included in the read right information, andonly when the first identification information and the secondidentification information match, judges that the digital workidentified by the content information stored in correspondence with thefirst identification information is allowed to be used.
 9. Thestorage-medium rental system of claim 8, wherein the content informationstored in the storage medium has been generated by encrypting thedigital work using a content key, the rental-shop apparatus securelywrites the right information including an encrypted content key that hasbeen generated by encrypting the content key using a device key, intothe area of the semiconductor memory, the semiconductor memory furtherprestores the device key in the area, the device key being unique to thesemiconductor memory, the semiconductor memory further includes adecryption unit for decrypting the encrypted content key stored in thearea using the device key stored in the area, to generate the contentkey, and outputting the generated content key, and the reproductionapparatus, upon receipt of the reproduction instruction from the user,receives the content key from the semiconductor memory, and decrypts theread content information using the received content key, to generate thedigital work.
 10. The storage-medium rental system of claim 8, whereinthe content information stored in the storage medium has been generatedby encrypting the digital work using a content key, the storage mediumstores a disc key that is unique to the storage medium, the rental shopapparatus securely writes the right information including an encryptedcontent key that has been generated by encrypting the content key usingthe disc key, into the area of the semiconductor memory, thesemiconductor memory further includes a decryption unit for obtainingthe disc key from the storage medium via the reproduction apparatus,decrypting the encrypted content key stored in the area using theobtained disc key to generate the content key, and outputting thegenerated content key, and the reproduction apparatus, upon receipt ofthe reproduction instruction from the user, receives the content keyfrom the semiconductor memory, decrypts the read content informationusing the received content key, to generate the digital work.
 11. Thestorage-medium rental system of claim 2, wherein the semiconductormemory performs mutual device authentication with the rental-shopapparatus, and only when the mutual device authentication succeeds,allows the rental-shop apparatus to write the right information.
 12. Thestorage-medium rental system of claim 2, wherein the semiconductormemory performs mutual device authentication with the reproductionapparatus, and only when the mutual device authentication succeeds,allows the reproduction apparatus to read the right information.
 13. Thestorage-medium rental system of claim 2, wherein the area of thesemiconductor memory includes a plurality of application areas beingprovided in one-to-one correspondence with a plurality of applicationfunctions, each application area being provided for securely storinginformation for the corresponding application function, and one of theplurality of application functions is a rental function of renting thestorage medium for use in the storage-medium rental system, and theapplication area corresponding to the rental function is used to storethe right information.
 14. The storage-medium rental system of claim 13,wherein another one of the plurality of application functions is amembership card function of identifying a member of a rental shop, andthe application area corresponding to the membership card function isused to store a member number that identifies the user.
 15. Thestorage-medium rental system of claim 14, wherein another one of theplurality of application functions is a bonus provision function ofproviding, from the rental agent to the user, point information as abonus in accordance with use of the storage medium, and the applicationarea corresponding to the bonus provision function is used to storepoint information showing a predetermined number of points that can beused to make a payment for reproduction of the digital work, when therental agent receives the payment from the user, the rental-shopapparatus sends to the semiconductor memory, a request to deduct anumber of points designated by the user, from the predetermined numberof points shown by the point information, as a part or all of thepayment, and the semiconductor memory further includes a payment unitthat deducts the designated number of points from the predeterminednumber of points shown by the point information, as requested by therental-shop apparatus.
 16. The storage-medium rental system of claim 15,wherein the rental-shop apparatus generates, when the rental agentreceives the payment from the user, point information showing a numberof points in accordance with the payment to be received, andadditionally writes the generated point information into the applicationarea of the semiconductor memory.
 17. The storage-medium rental systemof claim 13, wherein another one of the plurality of applicationfunctions is a payment function that is used to make the payment forrental from the user to the rental agent, and the application areacorresponding to the payment function prestores electric moneyinformation showing a predetermined amount of electric money that can beused instead of actual money, when the rental agent receives the paymentfrom the user, the rental-shop apparatus sends to the semiconductormemory, a request to deduct an amount of electric money corresponding tothe payment from the predetermined amount of electric money shown by theelectric money information, receives electric money information showingthe amount of electric money corresponding to the payment from thesemiconductor memory, and stores the received electric moneyinformation, and the semiconductor memory further includes a paymentunit that transmits the electric money information showing the amount ofelectric money corresponding to the payment to the rental-shop apparatusas requested by the rental-shop apparatus, and deducts the amount ofelectric money corresponding to the payment from the predeterminedamount of electric money shown by the electric money information storedin the application area.
 18. The storage-medium rental system of claim1, wherein the area of the semiconductor memory includes a plurality ofapplication areas being provided in one-to-one correspondence with aplurality of application functions, each application area being providedfor securely storing information for the corresponding applicationfunction, and one of the plurality of application functions is a rentalfunction of renting the storage medium for use in the storage-mediumrental system, and the application area corresponding to the rentalfunction is used to store the right information.
 19. The storage-mediumrental system of claim 18, wherein another one of the plurality ofapplication functions is a payment function that is used to make apayment for rental from the user to the rental agent, and theapplication area corresponding to the payment function prestoreselectric ticket information that shows electric tickets that can be usedto make a payment for reproduction of the digital work, when reproducingthe digital work, the reproduction apparatus sends to the semiconductormemory, a request to deduct electric tickets corresponding to thepayment determined in accordance with the reproduction of the digitalwork, from the electric tickets shown by the electric ticketinformation, and the semiconductor memory further includes a paymentunit that deducts the electric tickets corresponding to the payment fromthe electric tickets shown by the electric ticket information stored inthe application area, as requested by the reproduction apparatus. 20.The storage-medium rental system of claim 19, wherein the reproductionapparatus obtains, before reproducing the digital work, electric ticketinformation showing remaining electric tickets from the semiconductormemory, and judges that the digital work is not allowed to be used andprohibits the digital work from being reproduced, when the remainingelectric tickets are less than the electric tickets corresponding to thepayment determined in accordance with the reproduction of the digitalwork.
 21. The storage-medium rental system of claim 20, wherein thereproduction apparatus sends to the semiconductor memory, a request todeduct electric tickets corresponding to a payment for reproduction ofone-time from the electric tickets shown by the electric ticketinformation, every time the digital work is reproduced.
 22. Thestorage-medium rental system of claim 20, wherein when reproducing thedigital work one or more times during a predetermined period of time,the reproduction apparatus sends to the semiconductor memory, a requestto deduct electric tickets corresponding to a payment for thereproduction of the digital work during the predetermined period oftime, from the electric tickets shown by the electric ticketinformation.
 23. A rental-shop apparatus that constitutes astorage-medium rental system for temporarily providing, from a rentalagent to a user, a right to use digital work stored in a portablestorage medium, wherein a portable semiconductor memory is connected tothe rental-shop apparatus when the rental agent rents the user thestorage medium, the storage medium prestores content informationrepresenting the digital work, the semiconductor memory has an area forsecurely storing information, and the rental-shop apparatus securelywrites right information into the area of the semiconductor memory whenthe rental agent rents the user the storage medium, the rightinformation showing a range of the right to use the digital work storedin the storage medium.
 24. A reproduction apparatus that constitutes astorage-medium rental system for temporarily providing, from a rentalagent to a user, a right to use digital work stored in a portablestorage medium, wherein a portable semiconductor memory is connected tothe rental-shop apparatus when the rental agent rents the user thestorage medium, the storage medium and the semiconductor memory areconnected to the reproduction apparatus when the user reproduces thedigital work, the storage medium prestores content informationrepresenting the digital work, the semiconductor memory has an area forsecurely storing information, the rental-shop apparatus securely writesright information into the area of the semiconductor memory when therental agent rents the user the storage medium, the right informationshowing a range of the right to use the digital work stored in thestorage medium, and the reproduction apparatus, upon receipt of aninstruction from the user to reproduce the digital work, (a) securelyreads the right information from the area of the semiconductor memory,(b) judges whether the digital work is allowed to be used or not, basedon the read right information, and (c) only when judging that thedigital work is allowed to be used, reads the content information fromthe storage medium and reproduces the digital work based on the readcontent information.
 25. A rental method used in a storage-medium rentalsystem for temporarily providing, from a rental agent to a user, a rightto use digital work stored in a portable storage medium, where aportable semiconductor memory is connected to a rental-shop apparatuswhen the rental agent rents the user the storage medium, the storagemedium and the semiconductor memory are connected to a reproductionapparatus when the user reproduces the digital work, and thestorage-medium rental system includes: the storage medium that prestorescontent information representing the digital work; the semiconductormemory that has an area for securely storing information; therental-shop apparatus; and the reproduction apparatus, the rental methodcomprising: a first step, to be executed by the rental-shop apparatus,of securely writing right information into the area of the semiconductormemory when the rental agent rents the user the storage medium, theright information showing a range of the right to use the digital workstored in the storage medium; and a second step, to be executed by thereproduction apparatus, of upon receipt of an instruction from the userto reproduce the digital work, (a) securely reading the rightinformation from the area of the semiconductor memory, (b) judgingwhether the digital work is allowed to be used or not, based on the readright information, and (c) only when judging that the digital work isallowed to be used, reading the content information from the storagemedium and reproducing the digital work based on the read contentinformation.
 26. A computer program for rental that is used in astorage-medium rental system for temporarily providing, from a rentalagent to a user, a right to use digital work stored in a portablestorage medium, where a portable semiconductor memory is connected to arental-shop apparatus when the rental agent rents the user the storagemedium, the storage medium and the semiconductor memory are connected toa reproduction apparatus when the user reproduces the digital work, andthe storage-medium rental system includes: the storage medium thatprestores content information representing the digital work; thesemiconductor memory that has an area for securely storing information;the rental-shop apparatus; and the reproduction apparatus, the computerprogram comprising: a first step, to be executed by the rental-shopapparatus, of securely writing right information into the area of thesemiconductor memory when the rental agent rents the user the storagemedium, the right information showing a range of the right to use thedigital work stored in the storage medium; and a second step, to beexecuted by the reproduction apparatus, of upon receipt of aninstruction from the user to reproduce the digital work, (a) securelyreading the right information from the area of the semiconductor memory,(b) judging whether the digital work is allowed to be used or not, basedon the read right information, and (c) only when judging that thedigital work is allowed to be used, reading the content information fromthe storage medium and reproducing the digital work based on the readcontent information.
 27. A computer-readable program storage mediumstoring a computer program for rental that is used in a storage-mediumrental system for temporarily providing, from a rental agent to a user,a right to use digital work stored in a portable storage medium, where aportable semiconductor memory is connected to a rental-shop apparatuswhen the rental agent rents the user the storage medium, the storagemedium and the semiconductor memory are connected to a reproductionapparatus when the user reproduces the digital work, and thestorage-medium rental system includes: the storage medium that prestorescontent information representing the digital work; the semiconductormemory that has an area for securely storing information; therental-shop apparatus; and the reproduction apparatus, the computerprogram comprising: a first step, to be executed by the rental-shopapparatus, of securely writing right information into the area of thesemiconductor memory when the rental agent rents the user the storagemedium, the right information showing a range of the right to use thedigital work stored in the storage medium; and a second step, to beexecuted by the reproduction apparatus, of upon receipt of aninstruction from the user to reproduce the digital work, (a) securelyreading the right information from the area of the semiconductor memory,(b) judging whether the digital work is allowed to be used or not, basedon the read right information, and (c) only when judging that thedigital work is allowed to be used, reading the content information fromthe storage medium and reproducing the digital work based on the readcontent information.